Sat.Jul 03, 2021 - Fri.Jul 09, 2021

Ransomware Defense: Top 5 Things to do Right Now

Threatpost

Matt Bromiley, senior consultant with Mandiant Managed Defense, discusses the top tricks and tips for protecting enterprise environments from ransomware. InfoSec Insider Malware

Why the Password Isn't Dead Quite Yet

WIRED Threat Level

Everyone hates the old ways of authentication. But while change is closer than ever, it comes with its own drawbacks. Security Security / Security News

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Biden Orders Investigation of Kaseya Ransomware Attack

Data Breach Today

REvil Malware Suspected of Infecting Scores of IT Management Companies, Clients U.S. President Joe Biden has ordered federal intelligence agencies to investigate the incident involving IT management software vendor Kaseya.

Microsoft Issues Emergency Patch for Windows Flaw

Krebs on Security

Microsoft on Tuesday issued an emergency software update to quash a security bug that’s been dubbed “ PrintNightmare ,” a critical vulnerability in all supported versions of Windows that is actively being exploited.

IT 275

The Top 5 Business Outcomes Companies Can Achieve From Monitoring Consolidation

In this eBook, learn what the top five business outcomes are that organizations see when leveraging Datadog's end-to-end monitoring tool.

ROUNDTABLE: Kaseya hack exacerbates worrisome supply-chain, ransomware exposures

The Last Watchdog

It was bound to happen: a supply-chain compromise, ala SolarWinds, has been combined with a ransomware assault, akin to Colonial Pipeline, with devasting implications. Related: The targeting of supply chains. Last Friday, July 2, in a matter of a few minutes, a Russian hacking collective, known as REvil, distributed leading-edge ransomware to thousands of small- and mid-sized businesses (SMBs) across the planet — and succeeded in locking out critical systems in at least 1,500 of them.

More Trending

Kaseya Attack: REvil Offers $70 Million 'Super Decryptor'

Data Breach Today

Yet Another Ransomware Attack Targets Managed Service Providers to Maximize Profits The REvil ransomware operation behind the massive attack centering on Kaseya, which develops software used by managed service providers, has offered to decrypt all victims - MSPs as well as their customers - for $70 million in bitcoins.

Spike in “Chain Gang” Destructive Attacks on ATMs

Krebs on Security

Last summer, financial institutions throughout Texas started reporting a sudden increase in attacks involving well-orchestrated teams that would show up at night, use stolen trucks and heavy chains to rip Automated Teller Machines (ATMs) out of their foundations, and make off with the cash boxes inside.

SHARED INTEL: ‘Credential stuffers’ leverage enduring flaws to prey on video game industry

The Last Watchdog

The video game industry saw massive growth in 2020; nothing like a global pandemic to drive people to spend more time than ever gaming. Related: Credential stuffers exploit Covid 19 pandemic. Now comes a report from Akamai detailing the extent to which cyber criminals preyed on this development. The video game industry withstood nearly 11 billion credential stuffing attacks in 2020, a 224 percent spike over 2019.

Researchers Learn From Nation-State Attackers' OpSec Mistakes

Dark Reading

Security researchers discuss how a series of simple and consistent mistakes helped them learn more about ITG18, better known as Charming Kitten

Modernizing Workloads with the Cloud: How to Improve Performance & Reduce Costs

In this eBook, you’ll learn how to migrate workloads to Azure and optimize performance for your serverless and containerized applications in Azure.

Kaseya: Up to 1,500 Organizations Hit in Ransomware Attack

Data Breach Today

Software Vendor Quiet on Whether It Might Pay for REvil's Full Decryption Tool Software vendor Kaseya suspects that 800-1,500 organizations - mostly small businesses - were compromised via a ransomware attack that exploited its VSA remote management software.

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Krebs on Security

Last week cybercriminals deployed ransomware to 1,500 organizations that provide IT security and technical support to many other companies. The attackers exploited a vulnerability in software from Kaseya , a Miami-based company whose products help system administrators manage large networks remotely.

IT 242

REvil gang exploited a zero-day in the Kaseya supply chain attack

Security Affairs

Kaseya was addressing the zero-day vulnerability that REvil ransomware gang exploited to breach on-premise Kaseya VSA servers. A new supply chain attack made the headlines, on Friday the REvil ransomware gang hit the Kaseya cloud-based MSP platform impacting MSPs and their customers.

Retail 112

It's in the Game (but It Shouldn't Be)

Dark Reading

Five ways that game developers (and others) can avoid falling victim to an attack like the one that hit EA

IT 113

Prioritizing Customer Experience Using SLIs & SLOs: A Case Study from The Telegraph

Service Level Indicators (SLIs) and Service Level Objectives (SLOs) are a key pillar of Site Reliability Engineering (SRE) and are the principal tool for eliminating needless alerts and focusing on what really matters to the business.

Kroger, British Airways Agree to Settle Data Breach Lawsuits

Data Breach Today

Class Actions Filed Against Each Company After Hacking Incidents U.S.-based based pharmacy and supermarket chain Kroger and U.K.-based based British Airways have each agreed to settle class action lawsuits filed in the wake of two massive data breaches

Vulnerability in the Kaspersky Password Manager

Schneier on Security

A vulnerability (just patched) in the random number generator used in the Kaspersky Password Manager resulted in easily guessable passwords: The password generator included in Kaspersky Password Manager had several problems.

Kaseya warns customers of ongoing malspam campaign posing as security updates

Security Affairs

Threat actors are conducting a spam campaign aimed at infecting Kaseya customers, posing as legitimate VSA security updates. Kaseya is warning customers of threat actors attempting to exploit the recent massive supply chain ransomware attack suffered by the company.

Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours

Dark Reading

Automation allowed a REvil affiliate to move from exploitation of vulnerable servers to installing ransomware on downstream companies faster than most defenders could react

Detect and Respond to Threats Across Your Applications, Networks, and Infrastructure

Understand how to solve cloud complexity challenges with threat detection tools, analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework with Datadog Security Monitoring.

The Business of Ransomware: Specialists Help Boost Profits

Data Breach Today

Ransomware-as-a-Service Operations Tap Expert Intrusion Specialists and Negotiators As ransomware attacks become more prolific, their success is being driven by the increasing use of specialists who can refine every stage of an attack.

An Office Phone Flaw Can’t Be Fixed by Cisco Alone

WIRED Threat Level

The company released a patch this week, but security researchers say the root of the problem is beyond its control—and symptomatic of a larger issue. Security Security / Security News

IT 111

Wiregrass Electric Cooperative hit by a ransomware attack

Security Affairs

Wiregrass Electric Cooperative, a rural Alabama electric cooperative was hit by a ransomware attack. Wiregrass Electric Cooperative, a rural Alabama electric cooperative that serves about 25,000 members, was hit by a ransomware attack.

New WildPressure Malware Capable of Targeting Windows and MacOS

Dark Reading

The Trojan sends information back to the attackers' servers about the programming language of a target device

112
112

Optimize the Performance of Your Serverless Functions

Run mission-critical applications on serverless without sacrificing visibility.

Malspam Campaign Targets Kaseya Victims

Data Breach Today

Phishing Emails Contain Malicious Link, Attachment Spammers posing as software vendor Kaseya are waging a malspam campaign to target users of the company's VSA remote IT management software that was hit by a ransomware attack, the security firm Malwarebytes reports

How REvil Ransomware Took Out Thousands of Business at Once

WIRED Threat Level

More details have come to light as to how the notorious hacking group pulled off its unprecedented attack. Security Security / Security News

Kaseya VSA supply-chain ransomware attack hit hundreds of companies

Security Affairs

A supply attack by REvil ransomware operators against Kaseya VSA impacted multiple managed service providers (MSPs) and their clients. A new supply chain attack made the headlines, this afternoon, the REvil ransomware gang hit the cloud-based MSP platform impacting MSPs and their customers.

Autonomous Security Is Essential if the Edge Is to Scale Properly

Dark Reading

Service demands at the network edge mean customers need to get cost, performance, and security right

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

Biden's New Executive Order Looks to Address Data Privacy

Data Breach Today

White House Asks FTC to Develop New Rules on Consumer Data Collection In his new executive order, President Biden asks the FTC to establish new rules over how tech firms can collect and use data from their customers, as a way to offer more privacy protections for U.S. consumers.

Details of the REvil Ransomware Attack

Schneier on Security

ArsTechnica has a good story on the REvil ransomware attack of last weekend, with technical details: This weekend’s attack was carried out with almost surgical precision.

Coop supermarket closes hundreds of stores after Kaseya supply chain ransomware attack

Security Affairs

Swedish supermarket chain Coop is the first company to disclose the impact of the recent supply chain ransomware attack that hit Kaseya. The supermarket chain Coop shut down approximately 500 stores as a result of the supply chain ransomware attack that hit the provider Kaseya.